Network Access Control
To prevent unauthorised access that may lead to data breach through our network, only devices on our access control lists have the permission to utilise our networks.
Intrusion Prevention System
In order to protect Personal Data and sensitive information, we have implemented an Intrusion Prevention System in the form of a firewall solution. Our firewall solution protects our network and connected systems from malicious attacks and hacking from cybercriminals by filtering and blocking unwanted data packets from accessing our computer network.
Our Next-Gen firewall solution has a pre-emptive approach to network security as it is able to identify potential threats and respond to them swiftly.
When a threat is detected, the firewall solution deploys a lateral movement protection defence response, which isolates the threat from spreading, system from communicating with other systems or back to the host.
Endpoint Security System We have installed, an endpoint protection system that combines anti-malware, Data Loss Prevention (DLP), firewall, application and device control as well as a host- based intrusion prevention system.
This also offers website browsing protection and filtering, email protection (such as anti-spam) and patch assessment.
Our endpoint protection system offers protection from zero-day attacks and drive-by downloads, includes root cause analysis and anti-exploit technology to minimize damage from breaches, and incorporates CryptoGuard to protect against ransomware.
Backups in our organisation are on a daily basis and done automatically. Backups are encrypted with industry standard solution and backed up data can only be accessed by authorised personnel for control purposes.
Our devices are also protected for offsite use, as we support our staff working remotely. Our endpoint security system extends to registered devices which can communicate over the internet only through our Virtual Private Network. This means that our staff can work from any location with their provided devices and are still under the security controls applicable to those within the organisation premises.
To mitigate the threat of data loss that could arise from a physical breach at our premises, we have, apart from human security services deployed, the use of CCTV and round the clock surveillance systems in strategic locations.
Our data centre has access control via cards for authorised personnel only. Documents stored in hard copies are secured in a code-enabled cabinet and accessible to only authorised personnel who keep logs of collected and returned documents.
Fire alarm systems are also present in the case of arson or accidental fire outbreak.
Our information security policies and practices apply to all personal information in our custody.